Code Review
/
releng
/
global-jjb.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Fix: JaCoCo exclude patterns format
[releng/global-jjb.git]
/
shell
/
release-job.sh
diff --git
a/shell/release-job.sh
b/shell/release-job.sh
index
24bb0d6
..
57e4038
100644
(file)
--- a/
shell/release-job.sh
+++ b/
shell/release-job.sh
@@
-365,11
+365,12
@@
tag-git-repo(){
fi
git config user.name "$RELEASE_USERNAME"
git config user.email "$RELEASE_EMAIL"
fi
git config user.name "$RELEASE_USERNAME"
git config user.email "$RELEASE_EMAIL"
+ echo "INFO: push tag: $GIT_TAG"
+ git push origin "$GIT_TAG"
# Check if sentinal file exists
if [[ -f .testhash ]]; then
# Check if sentinal file exists
if [[ -f .testhash ]]; then
- git push origin "${GERRIT_BRANCH}" "$GIT_TAG"
- else
- git push origin "$GIT_TAG"
+ echo "INFO: push code bundle"
+ git push origin "HEAD:${GERRIT_REFSPEC}"
fi
fi
fi
fi
fi
fi
@@
-404,6
+405,7
@@
artifact_release_file(){
wget "${path}"/"${name}" -o artifacts/"${name}"
if [[ "$JOB_NAME" =~ "merge" ]] && [[ "$DRY_RUN" = false ]]; then
#lftools sign sigul artifacts
wget "${path}"/"${name}" -o artifacts/"${name}"
if [[ "$JOB_NAME" =~ "merge" ]] && [[ "$DRY_RUN" = false ]]; then
#lftools sign sigul artifacts
+ # shellcheck disable=SC2261
curl -v -u <NEXUSUSER>:<NEXUSPASS> --upload-file \
"${NEXUS_URL}"/content/repositories/releases/org/"${ORG}"/"${VERSION}"/"${name}" \;
fi
curl -v -u <NEXUSUSER>:<NEXUSPASS> --upload-file \
"${NEXUS_URL}"/content/repositories/releases/org/"${ORG}"/"${VERSION}"/"${name}" \;
fi
@@
-441,8
+443,16
@@
container_release_file(){
echo "docker tag $container_image_id $CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name:$VERSION"
echo "docker push $CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name:$VERSION"
if [[ "$JOB_NAME" =~ "merge" ]]; then
echo "docker tag $container_image_id $CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name:$VERSION"
echo "docker push $CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name:$VERSION"
if [[ "$JOB_NAME" =~ "merge" ]]; then
+ curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64"
+ sudo mv cosign-linux-amd64 /usr/local/bin/cosign
+ sudo chmod +x /usr/local/bin/cosign
+ export COSIGN_PASSWORD
docker tag "$container_image_id" "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION"
docker push "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION"
docker tag "$container_image_id" "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION"
docker push "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION"
+ image_sha=$(docker images --no-trunc --quiet \
+ "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION")
+ image_digest="$CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name@$image_sha"
+ cosign sign -y --key "$COSIGN_PRIVATE_KEY" "$image_digest"
fi
echo "#########################"
fi
fi
echo "#########################"
fi
@@
-469,7
+479,8
@@
maven_release_file(){
# forward from the tagging point, then a spur commit is created
# for the tag
taghash="$(awk '{print $NF}' "$PATCH_DIR/taglist.log")"
# forward from the tagging point, then a spur commit is created
# for the tag
taghash="$(awk '{print $NF}' "$PATCH_DIR/taglist.log")"
- if [ "${taghash}" = $(git rev-parse origin/${GERRIT_BRANCH}) ]; then
+ # shellcheck disable=SC2046
+ if [ "${taghash}" = $(git rev-parse "origin/${GERRIT_BRANCH}") ]; then
git checkout "origin/${GERRIT_BRANCH}"
# sentinal file
touch .testhash
git checkout "origin/${GERRIT_BRANCH}"
# sentinal file
touch .testhash
@@
-479,6
+490,8
@@
maven_release_file(){
git fetch "$PATCH_DIR/${PROJECT//\//-}.bundle"
git merge --ff-only FETCH_HEAD
git fetch "$PATCH_DIR/${PROJECT//\//-}.bundle"
git merge --ff-only FETCH_HEAD
+ # print last few changes to see how the bundle is applied
+ git log --graph --all --decorate --pretty=oneline -n10
nexus_release
tag-git-repo
}
nexus_release
tag-git-repo
}